MTTGOX 



FOR IMMEDIATE RELEASE 



Statement Regarding Recent DDoS Attacks and Mitigation 



Tokyo, Japan, April 24th, 2013 - On the evening of April 21st, from 11 :50 PM Tokyo time, 
Mt. Gox was hit by a strong DDoS (Distributed Denial of Service) attack that caused the 
site and trading engine to be unavailable for approximately four hours. The source of the 
attack is under investigation, and we are working with appropriate authorities to identify 
those responsible. However, the reality is that our primary goal is to stop the attacks and 
stabilize the exchange. 

For the sake of our customers and the Bitcoin community it is important that we clarify the 
details of the recent attacks on Mt. Gox and what we are doing to combat them. As the 
operator of the largest Bitcoin exchange we have the responsibility to maintain the security 
of our customers' accounts, strengthen our infrastructure appropriately, and help maintain 
confidence in the growing Bitcoin market as a whole. 

How we are being attacked: 

What we are experiencing lately are "Layer 7" DDoS attacks. Unlike your average DDoS 
(which overloads the servers with traffic to the site as a whole) these are much more 
creative and harder to detect in that they target specific elements of the site and make it 
difficult to distinguish malicious traffic from normal traffic. The attackers' goal is to shut 
down the exchange, either through the DDoS itself, or by forcing Mt. Gox to take measures 
that have the same effect. Attached to this document (See FAQ below) are some details 
from Prolexic regarding the recent attack. 

What we are doing about the attacks: 

When Mt. Gox is attacked there is truly no ideal solution: 

1) Try to make sure to mitigate the attack as much as possible so we don't have to shut 
down everything, including the trading engine. This is done along with Prolexic, which 
has been invaluable in helping us in recent weeks. 

2) We do our best not to influence the market at all. It is our responsibility to remain as 
neutral as possible towards market prices, and simply work to continue running the best 
exchange available. 

3) Communicate what information we can with the public through forums such as 
Facebook, Twitter, Google+, and Reddit. We are open to suggestions on how we can 
improve this communication. 



Mt. Gox has been working overtime since February to build a new trading engine which 
will be implemented by the end of June. Additionally since early March we have been 
building a new IT infrastructure which will be completed by the end of May. We will make 
further announcements for such changes once they are implemented. 

Bitcoin and other cryptocurrencies are just now entering the consciousness of people 
around the world, and still have a long way to go towards greater acceptance. While these 
attacks are a nuisance and a disservice to all Bitcoin holders and enthusiasts, they are 
also part of the growing pains of this incredible new technology. 



Recent Frequently Asked Questions 



There are many questions that have been coming up recently on Facebook, Twitter, and to 
our support team that we would like to address. Ideally we will be able to communicate in a 
more public, interactive forum very soon. In the meantime, here are some quick answers 
to common questions: 

Who are the attackers? 

We don't know, but we have some ideas. In the end this isn't really important as there will 
always be attacks, and our responsibility is to reinforce the exchange and maintain high 
security. Below are some details from the most recent DDoS attack. 
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Example of a recent 77Gbps attack 



Are my funds safe at Mt. Gox? 

We take the utmost precautions to stay within legal frameworks in order to protect all of 
our account holders, such as complying with laws regarding money laundering. In addition 
to legal protections, Mt. Gox has full accounting of all cash and Bitcoins at all times, and 
does not run a fractional reserve. For added security 90~95% of all Bitcoins are in cold 
storage to prevent malicious activity. 

However, it is of the utmost importance that our customers take advantage of the security 
offered through Google Authenticator and Yubikey solutions to prevent account access by 
malicious parties through phishing, hacking, or other methods. 

When will you be adding Litecoin (LTC) to Mt. Gox? 

Soon. We were planning on doing so two weeks ago, but events derailed that plan. Right 
now we are focused on overall stability of the exchange, and will launch LTC when we are 
ready. Otherwise we could be further complicating things. 



How long will account verification take? 

Right now we have a backlog of verifications, but we are also doubling our support staff to 
process them. At time of this writing it could be 10~14 days, but will be growing shorter. 
Please be aware that it is crucial to take care in submitting your documentation correctly 
as per our instructions. Not doing so risks putting your processing back to the end of the 
line. 

How long with Single Euro Payments Area (SEPA) withdrawals take? 

Our bank limits the amount of transactions we can process per day. Although we are 
constantly negotiating for further raises in this level, the process takes time. Transfers 
were relatively easy when Bitcoins were $15 each, but because the limits are based on 
currency amounts, a higher Bitcoin price makes this a challenge. If you absolutely need 
your money now, please add "international wire transfer" as a new method of withdrawal, 
cancel your SEPA, and go that route. 



Regards, 
Mt.Gox Team. 

Media Contacts 

press@mtaox.com 



About Mt. Gox 

Mt. Gox is a service of Tibanne Co. Ltd., a privately-owned Japanese corporation based in 
Tokyo, Japan. Recognized as the leading exchange for Bitcoin, a digital cryptocurrency, 
Mt. Gox has seen unprecedented global growth in 2013 and is currently focusing on 
building stronger infrastructure to safely promote the spread of Bitcoin throughout the 
world. 



